Splunk Search

Community Activity

Can you help me to create a join in a lookup file? Hi all, I need your help. I created a lookup file (hierarchy_lookup.csv) with this layout I would like to create ... by kingwaras Engager in Splunk Search 12-12-2018 0 3	0	3
How to disable the app icon background color in Splunkbase later on? In our inital release version 0.9.0 (https://splunkbase.splunk.com/app/4317/) we intentionally adjusted the app navig... by TGeorgeDN Engager in Splunk Search 12-12-2018 1 0	1	0
Is there any way to fix cut-off Sparklines? Hello all, I have been adding sparklines to my tables. I noticed that sometimes the sparklines look cut off at the e... by whrg Motivator in Splunk Search 12-12-2018 1 0	1	0
C# SDK separate field notation Hey, i would like to send fields separate from raw data, so its not displayed in normal search result eventtext, onl... by ybartel New Member in Splunk Search 12-12-2018 0 0	0	0
columns with fwdtype i am looking for ideas how to generate report in the following format Clustername HF UF cl01 ... by shihabno New Member in Splunk Search 12-12-2018 0 0	0	0
How to remove one field to be shown in column chart I have created a query which have 4 columns in statistics and want to show column chart as well but with 3 columns. h... by sindhoo Engager in Splunk Search 12-11-2018 0 6	0	6
Export to dump with wrong values in fields Hi, I'm trying to export some data with the dump command, the data from the dump is not exported correctly, some valu... by rosantos New Member in Splunk Search 12-11-2018 0 3	0	3
How do you manipulate table results from a combined results? Hi, I am stuck trying to manipulate my table when using a subsearch. Please see below query. search .... \| stats c... by mabinn Explorer in Splunk Search 12-11-2018 0 4	0	4
How do I query the percentage of unique sessions seeing errors? I'm trying to come up with a query that's a percentage of users (via session ids) experiencing errors. i can find the... by cochang New Member in Splunk Search 12-11-2018 0 1	0	1
Ignore a row to calculate Summary total in Table? Data is like below: Is there any way to enable Total Summary but ignore "%" row to calculate Total? by ansif Motivator in Splunk Search 12-11-2018 0 3	0	3
Create a table that contains 'ALERTS'. User will verify the alerts, click on the specific event and the particular event will disappear. Hi all, I would like to create a table that contains 3 scenarios. ( Low, High, Severe) The table will keep appendi... by marvinlee93 Explorer in Splunk Search 12-11-2018 0 2	0	2
How do you search one way between two deployments/environments? I have inherited an deployment that has multiple environments: PROD, FTI, and oldFTI. I am needing to search from FTI... by cboillot Contributor in Splunk Search 12-11-2018 0 1	0	1
splunk admin system admin - lab is closed same day?? Hi I was participating today to system admin course and found out at the end of the course the lab will be active on... by net1993 Path Finder in Splunk Search 12-11-2018 0 7	0	7
How would I divide this table into hours? source=****** "Result from operation" \| rex field=message ".?returnCode=(?<code>\d+)." \| eval status=if(code=0000,"... by wagnerj02 Engager in Splunk Search 12-11-2018 0 8	0	8
How to convert string to date? I have an existing column "Date" and I need to convert it from a string like 4/2/2018 to a date of 4/2/2018. I've tr... by jimbolya11 New Member in Splunk Search 12-11-2018 0 4	0	4
How can I have the hostname included in a scheduled Splunk report? Splunk Enterprise 6.5.3 I have created a report to email me a .pdf . However, the report does not include the hostn... by dkr3500 Path Finder in Splunk Search 12-11-2018 0 10	0	10
How do I use greater/less than with floating points in eval? So, I've crafted a query that I thought would be working, but due to the nature of floating point numbers in Splunk, ... by eyetter3 New Member in Splunk Search 12-11-2018 0 2	0	2
escaping hyphen if any field has hyphen(-) as value Hi I have data like below in the Active Directory. Account Name - L-15485 D-5486 BLR-DC-09$ Here is my query; \| se... by thambisetty SplunkTrust in Splunk Search 12-11-2018 0 7	0	7
searching subset of original search Good afternoon, I am trying to find a way to carry out a search to find a subset of data and to then carry out more... by ChrisCLewis Communicator in Splunk Search 12-11-2018 0 3	0	3
How do you extract data from the following field event_message: "P5_Transfer,CLO,2018-08-08 12:12:57,Cardston transfer custom start point." The following field after event_message is event_parameters:Film Configuration: {0} Name: {1} DateTime: {2} Note: {3}... by aragoma Engager in Splunk Search 12-11-2018 0 6	0	6
Why does my query not find values in the lookup table sometimes when they do in fact exist in the lookup table?? I have several csv lookup tables that are nightly updated by a scheduled report when no one is using the system. The... by hanacurtis New Member in Splunk Search 12-11-2018 0 0	0	0
How do I use Splunk to combine two searches with a subquery with no common field? HI all, I have a log file that looks like that: 10-12-2018(8:50) INFO system.logIn - log in: yoni 10-12-2018(8:50) ... by splunksplunk232 Explorer in Splunk Search 12-11-2018 0 2	0	2
Can you help me build a table based on a lookup table? I'm a fairly inexperienced Splunk user that could use some pointers on how to accomplish building a dashboard/table u... by lohsed New Member in Splunk Search 12-11-2018 0 5	0	5
How do you get logs regarding a deleted or modified file? How to get logs do you get logs regarding deleting or modifying file / Folder from servers? by jabirabdulkader New Member in Splunk Search 12-11-2018 0 1	0	1
Can you help me write an if statement for the following condition? Hi, I need to write an if statement for the following condition. I have two services in which status is shown by 0 o... by keishamtcs Explorer in Splunk Search 12-11-2018 0 7	0	7